Commit graph

9 commits

Author SHA1 Message Date
muradm
dc403ec7f1
gnu: services: Fix fail2ban configuration serialization.
This fixes a regression from 543d971ed2 whereby
match-lambda due to configuration field reordering.

* gnu/services/security.scm:
[serialize-fail2ban-ignore-cache-configuration]: Switch to match-record.
[serialize-fail2ban-jail-filter-configuration]: Switch to match-record.
[serialize-fail2ban-jail-action-configuration]: Switch to match-record.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2023-01-10 10:47:27 -05:00
Ludovic Courtès
a420b4f34e
services: fail2ban: Start server in the foreground.
Previously, we were passing '-b', thereby starting the server in the
background.  Consequently the 'start' method could complete before the
server was ready to accept connections on its socket, leading to
non-deterministic test failures.

Reported by Mathieu Othacehe <othacehe@gnu.org>.

* gnu/services/security.scm (fail2ban-shepherd-service): Change
FAIL2BAN-ACTION to invoke 'fail2ban-client'.
Change 'start' method to use 'make-forkexec-constructor'; start the
server in the foreground with '-f' and pass '-x' to force execution of
the server, as done upstream in 'fail2ban.service.in'.
2022-12-06 17:49:50 +01:00
Ludovic Courtès
a508b5c778
services: fail2ban: Remove unnecessary Shepherd 'modules' field.
* gnu/services/security.scm (fail2ban-shepherd-service): Remove
unnecessary 'modules' field.
2022-12-06 17:07:46 +01:00
Ludovic Courtès
e45c83c397
services: fail2ban: 'stop' returns #f when the dameon is stopped.
* gnu/services/security.scm (fail2ban-shepherd-service): Change
FAIL2BAN-ACTION to return an 'invoke' gexp.
Adjust the shepherd 'start' and 'stop' fields accordingly.  Have 'stop'
return #f on success.
2022-12-06 17:07:12 +01:00
muradm
29d52a56f2
gnu: fail2ban-service-type: Improve extra-content fields.
* gnu/services/security.scm
(fail2ban-jail-configuration)[extra-content]: Change to text-config.
(fail2ban-configuration)[extra-content]: Change to text-config.
* gnu/doc/guix.texi: Update type of extra-content fields.

Modified-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-09-14 11:29:11 -04:00
muradm
fa2d651475
gnu: fail2ban-service-type: Fix documentation typos.
Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-09-01 08:58:16 -04:00
muradm
7686dd9676
gnu: fail2ban-service-type: Improve jail configuration serialization.
* gnu/services/security.scm (fail2ban-jail-configuration)
[name]: Should use empty-serializer.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-09-01 08:58:16 -04:00
muradm
80d9edb69d
gnu: fail2ban-service-type: Fix field name serialization.
* gnu/services/security.scm: Wrong condition in string-filter
function in fail2ban-jail-configuration-serialize-field-name.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-09-01 08:58:15 -04:00
muradm
3c2d2b4538
gnu: security: Add fail2ban-service-type.
* gnu/services/security.scm: New module.
* gnu/tests/security.scm: New module.
* gnu/local.mk: Add new security module and tests.
* doc/guix.text: Add fail2ban-service-type documentation.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@gmail.com>
2022-08-28 21:46:30 -04:00